Data is collected, organized, and processed for virtually every transaction and communication that occurs in today's global economy. The integrity of this information (e.g., its authenticity and/or security) has become important to enterprises and individuals. Consequently, a variety of techniques to secure information and the components that process it have been developed.
Application gateways (AGs) are usually built as applications on operating systems (e.g., Windows® and Linux® operating systems), and often act as a portal between one network and another (e.g., a public network and a private network). AGs exposed to public networks are often subject to attack, and therefore vulnerable. If an attack succeeds in compromising AG security measures, unauthorized entities may be permitted to access AG operating system (OS) privileges to make use of AG facilities.
One approach to exploiting the vulnerability of an AG includes the use of codes that take over the AG OS with privileges that the AG has on the OS, so that OS facilities can be used by unauthorized entities (e.g., a hacker accessing the Bourne Again Shell (bash) shell). This type of attack is commonly made against web servers, for example. Another approach involves accessing AG privileges on the OS to use OS facilities in a seemingly normal manner (e.g., sending a command with a payload that executes to run as an AG process, scanning the network coupled to an internal, private network server). This type of attack is often used against routers and other intermediary devices. Since AGs may be involved in both scenarios, they may be vulnerable to both approaches.